In association with heise online

31 July 2006, 15:25

WordPress 2.0.4 closes critical security hole

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

In the new version 2.0.4, the developers of the popular WordPress blog system have closed a security hole. Attackers could have been able to use this hole to hack vulnerable systems, although no further details are currently available.

Last week, former WordPress developer with the pseudonym "Dr Dave" warned of the weak point in his blog and advised users of WordPress to disable user registration for guests. Unfortunately, he did not provide any details about the flaw, not even in the FAQs for the advisory. Chief developer Matt Mullenweg has yet to respond to a query by heise Security about the flaw.

WordPress users should upgrade to the new version immediately because version 2.0.4 also patches more than 50 general flaws in the software according to a press release from the developers.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit